Restricting logon access

General discussion

Creator

Topic
May 29, 2002 at 8:52 pm #2336506

Restricting logon access

Locked

by richard shortland · about 21 years, 4 months ago

I need to find a way of restricting access to a particular domain only. At present we have 2 domains here an nt4 based curriculum domain and a windows 2000 based admin domain. The workstations on the nt4 domain has been configured using system policys to allow access only to that domain, however I need to configure the windows 2000 workstations on the admin system to logon to that domain only. Any ideas?

Thanks in advance

Richard Shortland

This conversation is currently closed to new comments.
Creator

Topic

All Comments

Author

Replies
- May 30, 2002 at 1:48 am #3402958
  
  Restricting logon access
  
  by timwalsh · about 21 years, 4 months ago
  
  In reply to Restricting logon access
  
  I’m going to make a couple of assumptions here.
  
  1. You have 2-way trust relationships set up between the 2 domains. Otherewise, users from one domain would not be able to access the other domain without a user account in that domain.
  2. This is an issue of “convenience/confusion prevention” vs. security. I.E. This is an issue of keeping users from logging on to the wrong domain because they don’t pay attention to which domain they are logging on to, vs. you don’t want users in one domain to have access to resources in the other domain.
  
  I cannot find any Group Policy settings that will specifically prevent users from logging on to a domain different from their home domain.
  
  If there is no need for users in one domain to access resources in the other domain, your easiest fix may be to just dump the trust relationships. Inter-domain access is the primary purpose of trust relationships. If only a few users need access to both domains, it may be simpler in the long run to just create accounts in both domains for these few users.
  
  If my second assumption is wrong (i.e it is a security issue), your problem can be solved by setting up permissions on shared resources. With trust relationships set up, users in one domain can only access those shared resources in the second domain that have permissions set to “Everyone.” Otherwise, the second domain’s administrator can set up specific permissions for the first domains users.
  
  Hope this helps.
  - June 30, 2002 at 5:22 pm #3665899
    
    Restricting logon access
    
    by richard shortland · about 21 years, 3 months ago
    
    In reply to Restricting logon access
    
    Poster rated this answer
- June 30, 2002 at 5:22 pm #3665898
  
  Restricting logon access
  
  by richard shortland · about 21 years, 3 months ago
  
  In reply to Restricting logon access
  
  This question was closed by the author
Author

Replies

Viewing 1 reply thread

Start a Discussion

Start New Discussion

In the current business environment, it is almost inevitable that an organization will experience a security breach that exposes collected personal data to unauthorized access. Under the provisions of the General Data Protection Regulation, regardless of the severity of the security breach, organizations must inform their EU customers and stakeholders of the incident in a ...

This OneDrive Cloud Usage Policy, courtesy of TechRepublic Premium, defines the practices and behaviors organization representatives must follow when using any Microsoft OneDrive cloud file storage account to execute organization services, process organization data, or access or store organization information. From the policy: No organization representative should ever install a personal OneDrive account on any ...

One of the most common and most requested jobs listed by the video game industry is the job of video game designer. Depending on the company, the platform, the project and the company’s specific development process, the job of a video game designer can mean many different things. But at its base level, a game ...

Networks

General discussion